pix config for nat port 80 and port 8080 to same internal ip and port?

Hi,

I've been struggling with this for a while, and searched for an answer which has eluded me so far.

I currently have a Pix 515E Version 6.3(5) setup to allow incoming requests on port 80 to be redirected to a server at port 8162 and incoming requests on port 8080 to redirect to the same server at port 8080. (The internal and external IPs are the same ie 1:1 NAT).

Re: pix config for nat port 80 and port 8080 to same internal ip

Cannot be possible on PIX/ASA the way you want to do it, even using bellow policy nat you would get dup error right on static entries I tested it on asa but did not work using bellow ports, you would need another spare public IP.

That may be a better solution than what I do right now, however I am very surprised that the PIX cannot do this as it seems to be a common need to map different ports to the same destination port, I do that all the time with the OpenBSD PF based firewalls I use. If indeed the PIX can't do it, then I think I need to find a new firewall device that can do it.

We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...
view more